www-apps/dragonflycms should be updated as v9.3.4 addresses the xss vulnerability as advided in http://secunia.com/advisories/47999/ *dragonflycms-9.3.3.1 (23 Jun 2012) 23 Jun 2012; Matti Bickel (mabi) +dragonflycms-9.3.3.1.ebuild, -dragonflycms-9.2.1.ebuild: version bump. remove old b/c of security issues (see http://secunia.com/advisories/47999/) Despite the commit detials, the issue has just been fixed. I also noticed pkg_nofecth() using a really old URL, it should point to http://dragonflycms.org/Downloads/details/id=28/ Thanks
Thank you for the report. web-apps: please provide an updated ebuild.
@web-apps, please bump to current version in order to mitigate this vulnerability. 2 years since last request for new ebuild. @proxy-maint, anyone want to take this on? @treecleaner, No rdeps so this is a candidate for tree cleaning.
# Aaron Bauman <bman@gentoo.org> (05 Mar 2016) # Per security bug #448826 this package is vulnerable # and unmaintained. Removal in 30 days. www-apps/dragonflycms
Package removed: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=126a7d85104d40a22b8fee9ead59b34dcd3e70bb